From 284f054fd8c2d434e90f4dbe513c891ea6651488 Mon Sep 17 00:00:00 2001 From: Sergei Maertens Date: Tue, 19 Sep 2023 17:39:39 +0200 Subject: [PATCH 1/4] :truck: Move certificate factory and associated files Created a simple_certmanager_ext package to centralize factories and data for mTLS-like purposes. Additionally, to keep the test structure consistent, the zgw_consumers factories were placed in the tests package. --- .../contrib/qmatic/tests/factories.py | 2 +- .../contrib/qmatic/tests/test_client.py | 36 +++++-------- src/openforms/contrib/bag/tests/base.py | 2 +- src/openforms/contrib/kvk/tests/base.py | 2 +- .../tests/test_family_members.py | 2 +- .../forms/tests/variables/test_viewset.py | 2 +- .../pre_requests/tests/test_clients.py | 2 +- .../contrib/haalcentraal/tests/test_client.py | 2 +- .../haalcentraal/tests/test_co_sign.py | 2 +- .../haalcentraal/tests/test_config_check.py | 2 +- .../contrib/haalcentraal/tests/test_models.py | 2 +- .../contrib/haalcentraal/tests/test_plugin.py | 2 +- .../prefill/tests/test_prefill_variables.py | 2 +- .../contrib/objects_api/tests/factories.py | 2 +- .../contrib/zgw_apis/tests/factories.py | 6 +-- src/openforms/services/tests/test_api_list.py | 2 +- ...ing_form_varaiable_values_from_services.py | 2 +- .../test_variables/test_fetch_with_logic.py | 2 +- .../tests/test_registrator_prefill.py | 2 +- src/openforms/variables/tests/factories.py | 2 +- src/simple_certmanager_ext/__init__.py | 0 src/simple_certmanager_ext/tests/__init__.py | 0 .../tests/data/README.md | 2 +- .../tests/data/test.certificate | 0 .../tests/data/test.key | 0 src/simple_certmanager_ext/tests/factories.py | 28 ++++++++++ src/soap/tests/factories.py | 4 +- src/stuf/stuf_zds/tests/test_client.py | 40 ++++++-------- src/stuf/tests/data/Readme.md | 14 ----- src/stuf/tests/data/test.certificate | 31 ----------- src/stuf/tests/data/test.key | 52 ------------------- src/stuf/tests/factories.py | 20 ------- .../{ => tests}/factories.py | 17 +++++- .../tests/test_client_factory.py | 45 ++++++---------- 34 files changed, 112 insertions(+), 219 deletions(-) create mode 100644 src/simple_certmanager_ext/__init__.py create mode 100644 src/simple_certmanager_ext/tests/__init__.py rename src/{zgw_consumers_ext => simple_certmanager_ext}/tests/data/README.md (88%) rename src/{zgw_consumers_ext => simple_certmanager_ext}/tests/data/test.certificate (100%) rename src/{zgw_consumers_ext => simple_certmanager_ext}/tests/data/test.key (100%) create mode 100644 src/simple_certmanager_ext/tests/factories.py delete mode 100644 src/stuf/tests/data/Readme.md delete mode 100644 src/stuf/tests/data/test.certificate delete mode 100644 src/stuf/tests/data/test.key rename src/zgw_consumers_ext/{ => tests}/factories.py (55%) diff --git a/src/openforms/appointments/contrib/qmatic/tests/factories.py b/src/openforms/appointments/contrib/qmatic/tests/factories.py index 700066e64a..e78c7d9bc4 100644 --- a/src/openforms/appointments/contrib/qmatic/tests/factories.py +++ b/src/openforms/appointments/contrib/qmatic/tests/factories.py @@ -1,7 +1,7 @@ import factory from zgw_consumers.constants import APITypes -from zgw_consumers_ext.factories import ServiceFactory as _ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory as _ServiceFactory from ..models import QmaticConfig diff --git a/src/openforms/appointments/contrib/qmatic/tests/test_client.py b/src/openforms/appointments/contrib/qmatic/tests/test_client.py index 89d96db61d..3924b8f566 100644 --- a/src/openforms/appointments/contrib/qmatic/tests/test_client.py +++ b/src/openforms/appointments/contrib/qmatic/tests/test_client.py @@ -1,24 +1,15 @@ -from pathlib import Path - -from django.conf import settings -from django.core.files import File from django.test import TestCase, tag import requests_mock from privates.test import temp_private_root from simple_certmanager.constants import CertificateTypes -from simple_certmanager.models import Certificate from openforms.utils.tests.logging import disable_logging +from simple_certmanager_ext.tests.factories import CertificateFactory from ..client import QmaticClient from .utils import MockConfigMixin -TEST_CERTS = Path(settings.BASE_DIR) / "src" / "zgw_consumers_ext" / "tests" / "data" - -CLIENT_CERTIFICATE = TEST_CERTS / "test.certificate" -CLIENT_KEY = TEST_CERTS / "test.key" - @temp_private_root() @tag("gh-3328") @@ -31,20 +22,17 @@ class ClientMutualTLSTests(MockConfigMixin, TestCase): def setUpTestData(cls): super().setUpTestData() # type: ignore - with CLIENT_CERTIFICATE.open("rb") as cert_file, CLIENT_KEY.open( - "rb" - ) as key_file: - cls.client_cert = Certificate.objects.create( - label="Gateway client certificate", - type=CertificateTypes.key_pair, - public_certificate=File(cert_file, "client.pem"), - private_key=File(key_file, "client_key.pem"), - ) - cls.server_cert = Certificate.objects.create( - label="Gateway server certificate", - type=CertificateTypes.cert_only, - public_certificate=File(cert_file, "server.pem"), - ) + cls.client_cert = CertificateFactory.create( + label="Gateway client certificate", + public_certificate__filename="client.pem", + with_private_key=True, + private_key__filename="client_key.pem", + ) + cls.server_cert = CertificateFactory.create( + label="Gateway server certificate", + type=CertificateTypes.cert_only, + public_certificate__filename="server.pem", + ) cls.service.client_certificate = cls.client_cert cls.service.server_certificate = cls.server_cert diff --git a/src/openforms/contrib/bag/tests/base.py b/src/openforms/contrib/bag/tests/base.py index 9845118db4..beca8dc939 100644 --- a/src/openforms/contrib/bag/tests/base.py +++ b/src/openforms/contrib/bag/tests/base.py @@ -2,7 +2,7 @@ import os from openforms.contrib.bag.models import BAGConfig -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory class BagTestMixin: diff --git a/src/openforms/contrib/kvk/tests/base.py b/src/openforms/contrib/kvk/tests/base.py index 6189088846..fd00fec6d8 100644 --- a/src/openforms/contrib/kvk/tests/base.py +++ b/src/openforms/contrib/kvk/tests/base.py @@ -2,7 +2,7 @@ import os from openforms.contrib.kvk.models import KVKConfig -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory class KVKTestMixin: diff --git a/src/openforms/formio/components/np_family_members/tests/test_family_members.py b/src/openforms/formio/components/np_family_members/tests/test_family_members.py index 2f816de819..842cf5affa 100644 --- a/src/openforms/formio/components/np_family_members/tests/test_family_members.py +++ b/src/openforms/formio/components/np_family_members/tests/test_family_members.py @@ -18,7 +18,7 @@ from soap.constants import EndpointType from stuf.stuf_bg.models import StufBGConfig from stuf.tests.factories import StufServiceFactory -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ..constants import FamilyMembersDataAPIChoices from ..haal_centraal import get_np_children_haal_centraal diff --git a/src/openforms/forms/tests/variables/test_viewset.py b/src/openforms/forms/tests/variables/test_viewset.py index 0f3b5434be..8e7005c2fd 100644 --- a/src/openforms/forms/tests/variables/test_viewset.py +++ b/src/openforms/forms/tests/variables/test_viewset.py @@ -29,7 +29,7 @@ ) from openforms.variables.models import ServiceFetchConfiguration from openforms.variables.tests.factories import ServiceFetchConfigurationFactory -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory @override_settings(LANGUAGE_CODE="en") diff --git a/src/openforms/pre_requests/tests/test_clients.py b/src/openforms/pre_requests/tests/test_clients.py index 5d7c9f7e43..5f74e1a652 100644 --- a/src/openforms/pre_requests/tests/test_clients.py +++ b/src/openforms/pre_requests/tests/test_clients.py @@ -6,7 +6,7 @@ from openforms.prefill.contrib.haalcentraal.tests.utils import load_binary_mock from openforms.submissions.tests.factories import SubmissionFactory -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ..base import PreRequestHookBase from ..clients import PreRequestClientContext diff --git a/src/openforms/prefill/contrib/haalcentraal/tests/test_client.py b/src/openforms/prefill/contrib/haalcentraal/tests/test_client.py index f4eba9782f..7aa2e07e24 100644 --- a/src/openforms/prefill/contrib/haalcentraal/tests/test_client.py +++ b/src/openforms/prefill/contrib/haalcentraal/tests/test_client.py @@ -9,7 +9,7 @@ from zgw_consumers.models import Service from zgw_consumers.test import mock_service_oas_get -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ..constants import HaalCentraalVersion from ..models import HaalCentraalConfig diff --git a/src/openforms/prefill/contrib/haalcentraal/tests/test_co_sign.py b/src/openforms/prefill/contrib/haalcentraal/tests/test_co_sign.py index 7bfe485134..0740545365 100644 --- a/src/openforms/prefill/contrib/haalcentraal/tests/test_co_sign.py +++ b/src/openforms/prefill/contrib/haalcentraal/tests/test_co_sign.py @@ -9,7 +9,7 @@ from openforms.prefill.contrib.haalcentraal.constants import HaalCentraalVersion from openforms.submissions.tests.factories import SubmissionFactory -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ....co_sign import add_co_sign_representation from ....models import PrefillConfig diff --git a/src/openforms/prefill/contrib/haalcentraal/tests/test_config_check.py b/src/openforms/prefill/contrib/haalcentraal/tests/test_config_check.py index 81b7ac5e64..8342b42f70 100644 --- a/src/openforms/prefill/contrib/haalcentraal/tests/test_config_check.py +++ b/src/openforms/prefill/contrib/haalcentraal/tests/test_config_check.py @@ -10,7 +10,7 @@ from zgw_consumers.test import mock_service_oas_get from openforms.plugins.exceptions import InvalidPluginConfiguration -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ....registry import register from ..constants import HaalCentraalVersion diff --git a/src/openforms/prefill/contrib/haalcentraal/tests/test_models.py b/src/openforms/prefill/contrib/haalcentraal/tests/test_models.py index 6e0901cfb7..633f708b97 100644 --- a/src/openforms/prefill/contrib/haalcentraal/tests/test_models.py +++ b/src/openforms/prefill/contrib/haalcentraal/tests/test_models.py @@ -5,7 +5,7 @@ from zgw_consumers.models import Service -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ..client import HaalCentraalClient, HaalCentraalV1Client, HaalCentraalV2Client from ..constants import Attributes, AttributesV2, HaalCentraalVersion diff --git a/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py b/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py index a0f11d98ee..b6ce31e0c0 100644 --- a/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py +++ b/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py @@ -12,7 +12,7 @@ from openforms.pre_requests.base import PreRequestHookBase from openforms.pre_requests.registry import Registry from openforms.submissions.tests.factories import SubmissionFactory -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ....constants import IdentifierRoles from ....registry import register diff --git a/src/openforms/prefill/tests/test_prefill_variables.py b/src/openforms/prefill/tests/test_prefill_variables.py index 850ab35af5..1461c97f90 100644 --- a/src/openforms/prefill/tests/test_prefill_variables.py +++ b/src/openforms/prefill/tests/test_prefill_variables.py @@ -17,7 +17,7 @@ SubmissionFactory, SubmissionStepFactory, ) -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from .. import prefill_variables from ..contrib.haalcentraal.models import HaalCentraalConfig diff --git a/src/openforms/registrations/contrib/objects_api/tests/factories.py b/src/openforms/registrations/contrib/objects_api/tests/factories.py index 1cb87b5aaa..4f32136d86 100644 --- a/src/openforms/registrations/contrib/objects_api/tests/factories.py +++ b/src/openforms/registrations/contrib/objects_api/tests/factories.py @@ -2,7 +2,7 @@ from zgw_consumers.constants import APITypes from openforms.registrations.contrib.objects_api.models import ObjectsAPIConfig -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory class ObjectsAPIConfigFactory(factory.django.DjangoModelFactory): diff --git a/src/openforms/registrations/contrib/zgw_apis/tests/factories.py b/src/openforms/registrations/contrib/zgw_apis/tests/factories.py index 92fb4e12a1..73ddcb48d1 100644 --- a/src/openforms/registrations/contrib/zgw_apis/tests/factories.py +++ b/src/openforms/registrations/contrib/zgw_apis/tests/factories.py @@ -7,13 +7,13 @@ class ZGWApiGroupConfigFactory(factory.django.DjangoModelFactory): name = factory.Sequence(lambda n: "ZGW API set %03d" % n) zrc_service = factory.SubFactory( - "zgw_consumers_ext.factories.ServiceFactory", api_type=APITypes.zrc + "zgw_consumers_ext.tests.factories.ServiceFactory", api_type=APITypes.zrc ) drc_service = factory.SubFactory( - "zgw_consumers_ext.factories.ServiceFactory", api_type=APITypes.drc + "zgw_consumers_ext.tests.factories.ServiceFactory", api_type=APITypes.drc ) ztc_service = factory.SubFactory( - "zgw_consumers_ext.factories.ServiceFactory", api_type=APITypes.ztc + "zgw_consumers_ext.tests.factories.ServiceFactory", api_type=APITypes.ztc ) class Meta: diff --git a/src/openforms/services/tests/test_api_list.py b/src/openforms/services/tests/test_api_list.py index c2291cdd84..a3e212c95a 100644 --- a/src/openforms/services/tests/test_api_list.py +++ b/src/openforms/services/tests/test_api_list.py @@ -3,7 +3,7 @@ from rest_framework.test import APITestCase from openforms.accounts.tests.factories import StaffUserFactory, UserFactory -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory class AccessControlTests(APITestCase): diff --git a/src/openforms/submissions/tests/form_logic/test_fetching_form_varaiable_values_from_services.py b/src/openforms/submissions/tests/form_logic/test_fetching_form_varaiable_values_from_services.py index 0a749aa7d7..772e127b35 100644 --- a/src/openforms/submissions/tests/form_logic/test_fetching_form_varaiable_values_from_services.py +++ b/src/openforms/submissions/tests/form_logic/test_fetching_form_varaiable_values_from_services.py @@ -17,7 +17,7 @@ from openforms.variables.constants import DataMappingTypes from openforms.variables.tests.factories import ServiceFetchConfigurationFactory from openforms.variables.validators import HeaderValidator, ValidationError -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ...logic.service_fetching import perform_service_fetch diff --git a/src/openforms/submissions/tests/test_variables/test_fetch_with_logic.py b/src/openforms/submissions/tests/test_variables/test_fetch_with_logic.py index 4c27e1fce4..c1ba489f5c 100644 --- a/src/openforms/submissions/tests/test_variables/test_fetch_with_logic.py +++ b/src/openforms/submissions/tests/test_variables/test_fetch_with_logic.py @@ -10,7 +10,7 @@ from openforms.forms.constants import LogicActionTypes from openforms.forms.tests.factories import FormLogicFactory from openforms.variables.tests.factories import ServiceFetchConfigurationFactory -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ..factories import SubmissionFactory from ..mixins import SubmissionsMixin diff --git a/src/openforms/tests/test_registrator_prefill.py b/src/openforms/tests/test_registrator_prefill.py index 5b9d4bc196..0ce055f3db 100644 --- a/src/openforms/tests/test_registrator_prefill.py +++ b/src/openforms/tests/test_registrator_prefill.py @@ -24,7 +24,7 @@ ) from openforms.submissions.models import Submission from openforms.utils.urls import reverse_plus -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory CONFIGURATION = { "display": "form", diff --git a/src/openforms/variables/tests/factories.py b/src/openforms/variables/tests/factories.py index ce4ddecf8e..ed3bc81569 100644 --- a/src/openforms/variables/tests/factories.py +++ b/src/openforms/variables/tests/factories.py @@ -1,6 +1,6 @@ import factory -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory from ..models import ServiceFetchConfiguration diff --git a/src/simple_certmanager_ext/__init__.py b/src/simple_certmanager_ext/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/src/simple_certmanager_ext/tests/__init__.py b/src/simple_certmanager_ext/tests/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/src/zgw_consumers_ext/tests/data/README.md b/src/simple_certmanager_ext/tests/data/README.md similarity index 88% rename from src/zgw_consumers_ext/tests/data/README.md rename to src/simple_certmanager_ext/tests/data/README.md index 90a687c007..61eabe1bae 100644 --- a/src/zgw_consumers_ext/tests/data/README.md +++ b/src/simple_certmanager_ext/tests/data/README.md @@ -1,4 +1,4 @@ -# Test files for mTLS with zgw_consumers.Service models +# Test files for mTLS via simple_certmanager.Certificate models ## Certificate and key diff --git a/src/zgw_consumers_ext/tests/data/test.certificate b/src/simple_certmanager_ext/tests/data/test.certificate similarity index 100% rename from src/zgw_consumers_ext/tests/data/test.certificate rename to src/simple_certmanager_ext/tests/data/test.certificate diff --git a/src/zgw_consumers_ext/tests/data/test.key b/src/simple_certmanager_ext/tests/data/test.key similarity index 100% rename from src/zgw_consumers_ext/tests/data/test.key rename to src/simple_certmanager_ext/tests/data/test.key diff --git a/src/simple_certmanager_ext/tests/factories.py b/src/simple_certmanager_ext/tests/factories.py new file mode 100644 index 0000000000..3e46082c9b --- /dev/null +++ b/src/simple_certmanager_ext/tests/factories.py @@ -0,0 +1,28 @@ +from pathlib import Path + +import factory +from simple_certmanager.constants import CertificateTypes +from simple_certmanager.models import Certificate + +DATA_DIR = Path(__file__).parent.resolve() / "data" + + +class CertificateFactory(factory.django.DjangoModelFactory): + label = factory.Sequence(lambda n: f"certificate-{n}") + type = CertificateTypes.cert_only + public_certificate = factory.django.FileField( + from_path=str(DATA_DIR / "test.certificate"), + filename="cert.pem", + ) + + class Meta: + model = Certificate + + class Params: + with_private_key = factory.Trait( + type=CertificateTypes.key_pair, + private_key=factory.django.FileField( + from_path=str(DATA_DIR / "test.key"), + filename="key.pem", + ), + ) diff --git a/src/soap/tests/factories.py b/src/soap/tests/factories.py index d3339a7638..5d6fa2bd32 100644 --- a/src/soap/tests/factories.py +++ b/src/soap/tests/factories.py @@ -13,13 +13,13 @@ class Meta: class Params: with_server_cert = factory.Trait( server_certificate=factory.SubFactory( - "stuf.tests.factories.CertificateFactory", + "simple_certmanager_ext.tests.factories.CertificateFactory", public_certificate__filename="server.cert", ), ) with_client_cert = factory.Trait( client_certificate=factory.SubFactory( - "stuf.tests.factories.CertificateFactory", + "simple_certmanager_ext.tests.factories.CertificateFactory", public_certificate__filename="client.cert", ), ) diff --git a/src/stuf/stuf_zds/tests/test_client.py b/src/stuf/stuf_zds/tests/test_client.py index 524347b80c..7eae6015d5 100644 --- a/src/stuf/stuf_zds/tests/test_client.py +++ b/src/stuf/stuf_zds/tests/test_client.py @@ -1,24 +1,20 @@ -from pathlib import Path from unittest import skipIf from unittest.mock import patch -from django.core.files import File from django.template.loader import render_to_string from django.test import TestCase, tag import requests_mock from simple_certmanager.constants import CertificateTypes -from simple_certmanager.models import Certificate from openforms.registrations.exceptions import RegistrationFailed from openforms.tests.utils import can_connect +from simple_certmanager_ext.tests.factories import CertificateFactory from soap.constants import EndpointType from ...tests.factories import StufServiceFactory from ..client import StufZDSClient -TEST_CERTIFICATES = Path(__file__).parent.parent.parent / "tests" / "data" - @requests_mock.Mocker() class StufZdsClientTest(TestCase): @@ -26,26 +22,20 @@ class StufZdsClientTest(TestCase): def setUpTestData(cls): super().setUpTestData() - certificate_file = TEST_CERTIFICATES / "test.certificate" - key_file = TEST_CERTIFICATES / "test.key" - - with key_file.open("r") as key_f, certificate_file.open("r") as certificate_f: - cls.client_certificate = Certificate.objects.create( - label="Test client certificate", - type=CertificateTypes.key_pair, - public_certificate=File(certificate_f, name="test.certificate"), - private_key=File(key_f, name="test.key"), - ) - cls.client_certificate_only = Certificate.objects.create( - label="Test client certificate (only cert)", - type=CertificateTypes.cert_only, - public_certificate=File(certificate_f, name="test1.certificate"), - ) - cls.server_certificate = Certificate.objects.create( - label="Test server certificate", - type=CertificateTypes.cert_only, - public_certificate=File(certificate_f, name="test2.certificate"), - ) + cls.client_certificate = CertificateFactory.create( + label="Test client certificate", + with_private_key=True, + ) + cls.client_certificate_only = CertificateFactory.create( + label="Test client certificate (only cert)", + type=CertificateTypes.cert_only, + public_certificate__filename="test1.certificate", + ) + cls.server_certificate = CertificateFactory.create( + label="Test server certificate", + type=CertificateTypes.cert_only, + public_certificate__filename="test1.certificate", + ) cls.client_options = { "gemeentecode": "1234", diff --git a/src/stuf/tests/data/Readme.md b/src/stuf/tests/data/Readme.md deleted file mode 100644 index 88f680971d..0000000000 --- a/src/stuf/tests/data/Readme.md +++ /dev/null @@ -1,14 +0,0 @@ -# Test files for certificate model - -## Certificate and key - -The `test.certificate` and the `test.key` were generated using the following command: - -```bash -openssl req -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out test.certificate -keyout test.key -``` - -The tests making use of these certificates are: -- `test_client.py` - -These tests will potentially start failing once the test certificate expires. diff --git a/src/stuf/tests/data/test.certificate b/src/stuf/tests/data/test.certificate deleted file mode 100644 index 7c1f30ccb5..0000000000 --- a/src/stuf/tests/data/test.certificate +++ /dev/null @@ -1,31 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIUDhKD9gw30kWRmpNXQKsC9/bmbh4wDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCTkwxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjA0MDQxMDUwMjdaFw0yMzA0 -MDQxMDUwMjdaMEUxCzAJBgNVBAYTAk5MMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw -HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQCsrZmuAIdEWueZVfPPT9jKowsrM4ZI0X8Yu/95gMVc -mVoFhZimpewp6POMISSfpsFhrci6TXr9JcTBnlkwaG1F2wWqmpuqJFa1Uhbfragk -EkdI32FZk0PCe/V1Qg0I/KUwYT+LZ9WUQKYy36vn0iA/ML1ThKl1VAICAxhNQ/lt -CuV1quJBJeY312lyQmWJf0M+5JI/fplUMiJibFa/JxP2QISG3Byo+cEaD93u2r5n -bXHClcc2Z4d8rfxRiXhjSmzI1WJCpF7aJXJV1d66e8HSEaM5PrDLtaXOdWIF1bF7 -zKR0y5HYVaBkjQLFc1gAUQiwQxNgcLfXYFAC1GEbvMWmo2XfcXli5xr3/e3AMMZY -r8l4Zn5aFKsk+g+4RzvoE4D7umiJY5OeNFrW+Z0jI3N8Gg45IXJ3TLdOz0dPaNDf -yNzuEcTpfhvh4jUIfsVrwqHsjD+rP915/8oNhFC4HHRi2Z7NTctQT5teSHU7WPhi -u8WRbgwmxRfjIO3lKzpUWDu+lYafThNV98bw9hCzfsxaCmP7wHBucDmTYV5863tl -6Oz5C7RE7gEZqW4+cdA7dZvpw58LEyrHwpkZzotPXtWMLsm2aMVZdUynxGKmoWgs -Ef1F6Suab4Su9e134t9F0MDtNKSAGvioBKOaP9UON6/Pgy32jxyzTtVB5mGspU9u -OwIDAQABo1MwUTAdBgNVHQ4EFgQUz+S9I3I4S85NSDzkqbM2S4UnXRAwHwYDVR0j -BBgwFoAUz+S9I3I4S85NSDzkqbM2S4UnXRAwDwYDVR0TAQH/BAUwAwEB/zANBgkq -hkiG9w0BAQsFAAOCAgEAWbfo/jpKkhr76hrI1NVkR0+9z8wllRo68iy/wuTFyovO -OPKZ6UcBHdpNQrAakm9EHlX0OE6Z1KDHW3YTPKp6uhnCx9vvTHzuPKn67wjM5K+d -SRU2OPpcbI2PlvFSloRvAenklqCL57CFFRuzArNsBS1pCjB95UIkbABn8sDnVAdU -Aj6r3AaWlqrz6BknzO6o6PQSlQvPQr3d+C8B7Z3+97ZKCS8bys/rAMofhfAMiZt3 -EEEU7rw8v4SHnledlntU0Wn9q419KZkdV8xK01FrwNdrgCuxrCQd/a6XSYYh3/FA -i3I5KsGjLi6Dy3ik2Ym1ZfiAKZ1r0GDQsTXo0UZVo30D0qd4my4un3WFwht+I2gL -uuMIMgjyTFO8APvvpFviAFLUJ6okFNA5Bu3YrxV3Tn4zPgutGfu2pL8nfFkFEgUo -YHIFJsW8Vn5y94jzMtm42wdEKH52NnKRMQ4vySEc9KTRsUf5eGQVzhf5XAo+Vihb -teZhXJk2JZxFam7mBZ/yfaqvSYSBwJLcQ2TnXWaQScRagj1CdqeWBLqhoE6I5I5Y -KW3zkEgDT8LH5k33njEITakQ33kLgCL/CaSBbNgx62bslstFO+Kre4vy8gOCdvTe -m6dbKX4Gght8RcGaeVD15EsVPZweb7wcWeFp8FinsO19JFy2XyViMJz9wbbGE5w= ------END CERTIFICATE----- diff --git a/src/stuf/tests/data/test.key b/src/stuf/tests/data/test.key deleted file mode 100644 index 45277792c1..0000000000 --- a/src/stuf/tests/data/test.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCsrZmuAIdEWueZ -VfPPT9jKowsrM4ZI0X8Yu/95gMVcmVoFhZimpewp6POMISSfpsFhrci6TXr9JcTB -nlkwaG1F2wWqmpuqJFa1UhbfragkEkdI32FZk0PCe/V1Qg0I/KUwYT+LZ9WUQKYy -36vn0iA/ML1ThKl1VAICAxhNQ/ltCuV1quJBJeY312lyQmWJf0M+5JI/fplUMiJi -bFa/JxP2QISG3Byo+cEaD93u2r5nbXHClcc2Z4d8rfxRiXhjSmzI1WJCpF7aJXJV -1d66e8HSEaM5PrDLtaXOdWIF1bF7zKR0y5HYVaBkjQLFc1gAUQiwQxNgcLfXYFAC -1GEbvMWmo2XfcXli5xr3/e3AMMZYr8l4Zn5aFKsk+g+4RzvoE4D7umiJY5OeNFrW -+Z0jI3N8Gg45IXJ3TLdOz0dPaNDfyNzuEcTpfhvh4jUIfsVrwqHsjD+rP915/8oN -hFC4HHRi2Z7NTctQT5teSHU7WPhiu8WRbgwmxRfjIO3lKzpUWDu+lYafThNV98bw -9hCzfsxaCmP7wHBucDmTYV5863tl6Oz5C7RE7gEZqW4+cdA7dZvpw58LEyrHwpkZ -zotPXtWMLsm2aMVZdUynxGKmoWgsEf1F6Suab4Su9e134t9F0MDtNKSAGvioBKOa -P9UON6/Pgy32jxyzTtVB5mGspU9uOwIDAQABAoICABw4CoNLBs/+4xZF26AndlA3 -MN4Qf4Nq6RBLuMZMavRlAzcfzAB/4QZAUXy29ds5TyT9V25KtyyjfXH+xKiKiEEA -N/7XYVT+t0TOc3p+UJoEeq3IA4q17D7eLxDIiITNdNlhKxdHEro1jnOF5fvudOKe -vnHlniPUZLebdd86mopdW35NPMhUvzik9VB81UcRCxY+GEBUGg6OWtwmxE5cvoBh -rsazNePPXOU7bpNYIAGa+xpHi9SyOov/itpwUsI3KWvwoyws3Gtd7z9jwhBLpTMF -Ot1iB1ZjCwOgXzKA545JtR55Hg5yf9Gu0aMe5GS42WikrYf3I7QIw0qTFoOH5+y8 -tSq1ZB+Of/m1DLr/mzXJHN8kj+mQ+rCfYzXRwyj5WARUlJyaB/Dp5Bo44lGWNPph -E3Lh8+M4wDLhd/wR4lyosvDbZPQRDC9tqB2N6ORbEjWv0/8l1orBHHhqOvK7WGHR -o3TD9DcbPBhj6lkORfrx9+Hp2gd06lVyHCr9V5pSne+uawLBsmGNvYebS/Z/5eue -A1WAp0kr2zh7nluAZ54HdUt2wUS7Kz506iS6lrln4RGv7L3D4fXgBGyk1rM2G1Wb -PO3QHLk8X7kbaf7blDMZmgTfrHd91yds6vEpAOJ41iwyCfj1PhxzGOxF2a9wzjI+ -q1eVQCCAwIGc14t6ZdFBAoIBAQDe3lbLt4giYgUgFak5HY8c1IHzYWXn1LkjiFF2 -LvHFV0GPhJonGpZs1RO4Xt2GxXJHWZsU0VyJ/z+GbDl8gHxvhfH5JTbBHVpMb/Yv -qh0VWGDGZ5qFdQEdjkUgUWEllYMly0C5Cbbqb2JsLmMFDPytk1qGKk8WHedMgWdU -4ttsm2BsB5wE0B5WeaHvFghbuslcddPReXSQAWyNl/AYwNX5nJNIVk+d8ug5hJ/W -GKXlACQLAOH+hdcO/f3vn6dYCH5ZON8SmHZLdTXiIoO5sTLcIcgvOv+WqSACYrLy -1yaKw1+6Zn0JES/yVhagu3t4+HCMC58kD8ad9apwfCGx15MrAoIBAQDGWS0WCH0m -WmJHAaG9VM6iPTDt/x6zc9rv0nnFsn74U/KQaEfOE4QgUkXuq3L3l8tvasIoMeFU -ote+AdHBU4fAayteO8wHChZWPy+1fvnezPIsAzXszYT8pA77pxE1a/f8v12N5YYY -RXkov5RJCvgadmNrWXgY3w93pFmo9bevJVs8yws0fNdYqLqeS3cUbhS4eP7eW3fR -GnTHRzdsfkTOZFu5BgIEww0mFgonXvPSzuMZFGQ/0cmxTdbC38ygY1CCd25gxoDA -vdVXKDoZ4rMVg5Cd8QHcebeuHoj9j0gbMFh0sVfxqFMvMUamjwBN2wJMDA7Vtk5u -yBw7l/5/v0kxAoIBAA32jCWTSBovXfbWpJWJfo/l2IZxEbtmnnrVbZUj983PW7Is -MqREjCwhZWzltKde83v45zh0rYGP1mELosZkHme2UqSzaizLM/8Z/Kib1dqigN2t -XAcEf59kbHxL3PRH28GgbFureiRR+i6g8V89ow8U7lT9jZrrILSwXtL4q5qwWWgr -SeEbUOtGD5k1HizxFPCQCUdUfrMPA8gTPt2uJznOT4P2tGJG97myz3jQboRcb+Wo -loAlzoWH8EL1E7z2O0RHxeIaXz73Bvs2Al699VvJWgtrfNvpmLHNkTyZsjZ7ayH4 -jdjllMVwE1baqC+6EQMVL1FJE76Nx7HodQv5X6UCggEAD3NI2MuGfCNUPnW5FJdz -lR2xHwjdalse9cluZOD3lP5tCaSl2z6X7zCZc/L0/KZdWWt2fk0MYVxh89IOdcG8 -9FckxK1hwjad8M/xNnESo7FRN+50F+MWdduNszqbU476fTym2/PCE0fuHSd3NI1f -MCiCrA0HFuDhQo+R0GB7k3AUgFLMp6UF3UkfaE82kmfUw13hdI6pcade61r3zUK0 -t2MH5gy6wYY0EwBqgBCca5JkDEMTYAlGbcJDdWCbfu7diZwmA/HSe7EN2kEu7W9E -Reu+qx7n5zWwAicswpuToVKNwWFDGXbkK+vptfWzr1zc+/GAglM2HtkFofq//1F2 -MQKCAQEA3K4r+ph7mpcYCexmeyhy7c2jP0mYQlscTIZzszJ9dY4/hBJcO2mMhxgu -t/OPYzmqcsGh1ZG1yukbNpow0HmvWvqPBnf6iyfSeiKlem5KNIyDxjTxbuW05A1K -1O0P6DuOOqe2OVjoe/IQCSZKXKLA33mutVTv7+6n3x/Cn/TMKbhtW9snGLBcz9Ja -Ks+tt+ox2fjPX3dUNOkJhOQAd8sO3Em8iHRz63ZPHVHP+QMvh7dqo/EaL31r8qKT -tzfAt0Hy2HIaRtOLDYEp9DVe1X6dnLtCVV2Jk9rf3XWKxEQzxkcB0qzeLvFwgSj0 -X63ewa3oWQp6gR1mKlMg2TXDfVSrOg== ------END PRIVATE KEY----- diff --git a/src/stuf/tests/factories.py b/src/stuf/tests/factories.py index 3c9b74c7d6..ae52c9531e 100644 --- a/src/stuf/tests/factories.py +++ b/src/stuf/tests/factories.py @@ -1,28 +1,8 @@ -from pathlib import Path - import factory from soap.tests.factories import SoapServiceFactory from stuf.models import StufService -DATA_DIR = Path(__file__).parent.resolve() / "data" - - -class CertificateFactory(factory.django.DjangoModelFactory): - label = factory.Sequence(lambda n: f"certificate-{n}") - type = "cert_only" - public_certificate = factory.django.FileField( - from_path=str(DATA_DIR / "test.certificate") - ) - - class Meta: - model = "simple_certmanager.Certificate" - - class Params: - with_private_key = factory.Trait( - private_key=factory.django.FileField(from_path=str(DATA_DIR / "test.key")) - ) - class StufServiceFactory(factory.django.DjangoModelFactory): ontvanger_organisatie = factory.Sequence(lambda n: f"ontvanger_organisatie-{n}") diff --git a/src/zgw_consumers_ext/factories.py b/src/zgw_consumers_ext/tests/factories.py similarity index 55% rename from src/zgw_consumers_ext/factories.py rename to src/zgw_consumers_ext/tests/factories.py index c897420881..8c67263147 100644 --- a/src/zgw_consumers_ext/factories.py +++ b/src/zgw_consumers_ext/tests/factories.py @@ -1,4 +1,5 @@ import factory +from zgw_consumers.models import Service class UriPathFaker(factory.Faker): @@ -18,5 +19,19 @@ class ServiceFactory(factory.django.DjangoModelFactory): api_root = UriPathFaker() # FIXME: this should be a fully qualified URL class Meta: - model = "zgw_consumers.Service" + model = Service django_get_or_create = ("api_root",) + + class Params: + with_server_cert = factory.Trait( + server_certificate=factory.SubFactory( + "simple_certmanager_ext.tests.factories.CertificateFactory", + public_certificate__filename="server.cert", + ), + ) + with_client_cert = factory.Trait( + client_certificate=factory.SubFactory( + "simple_certmanager_ext.tests.factories.CertificateFactory", + public_certificate__filename="client.cert", + ), + ) diff --git a/src/zgw_consumers_ext/tests/test_client_factory.py b/src/zgw_consumers_ext/tests/test_client_factory.py index e7b33a6abe..285f08a594 100644 --- a/src/zgw_consumers_ext/tests/test_client_factory.py +++ b/src/zgw_consumers_ext/tests/test_client_factory.py @@ -1,24 +1,16 @@ -from pathlib import Path - -from django.core.files import File from django.test import TestCase import requests_mock from privates.test import temp_private_root from simple_certmanager.constants import CertificateTypes -from simple_certmanager.models import Certificate from zgw_consumers.constants import AuthTypes from api_client import APIClient +from simple_certmanager_ext.tests.factories import CertificateFactory from ..api_client import ServiceClientFactory from ..factories import ServiceFactory -TEST_FILES = Path(__file__).parent.resolve() / "data" - -CLIENT_CERTIFICATE = TEST_FILES / "test.certificate" -CLIENT_KEY = TEST_FILES / "test.key" - @temp_private_root() class ClientFromServiceTests(TestCase): @@ -26,25 +18,22 @@ class ClientFromServiceTests(TestCase): def setUpTestData(cls): super().setUpTestData() - with CLIENT_CERTIFICATE.open("rb") as cert_file, CLIENT_KEY.open( - "rb" - ) as key_file: - cls.client_cert_only = Certificate.objects.create( - label="Gateway client certificate", - type=CertificateTypes.cert_only, - public_certificate=File(cert_file, "client_cert.pem"), - ) - cls.client_cert_and_privkey = Certificate.objects.create( - label="Gateway client certificate", - type=CertificateTypes.key_pair, - public_certificate=File(cert_file, "client_cert.pem"), - private_key=File(key_file, "client_key.pem"), - ) - cls.server_cert = Certificate.objects.create( - label="Gateway server certificate", - type=CertificateTypes.cert_only, - public_certificate=File(cert_file, "server.pem"), - ) + cls.client_cert_only = CertificateFactory.create( + label="Gateway client certificate", + type=CertificateTypes.cert_only, + public_certificate__filename="client_cert.pem", + ) + cls.client_cert_and_privkey = CertificateFactory.create( + label="Gateway client certificate", + with_private_key=True, + public_certificate__filename="client_cert.pem", + private_key__filename="client_key.pem", + ) + cls.server_cert = CertificateFactory.create( + label="Gateway server certificate", + type=CertificateTypes.cert_only, + public_certificate__filename="server.pem", + ) def test_no_server_cert_specified(self): service = ServiceFactory.build() From d6ee8fc16bd3381b5aacc1c337f3705e178368d3 Mon Sep 17 00:00:00 2001 From: Sergei Maertens Date: Tue, 19 Sep 2023 18:09:02 +0200 Subject: [PATCH 2/4] :art: Clean up DigiD tests w/r to certificates Replaced make_cert utility with CertificateFactory and updated the README with where which file is used. --- .../digid/tests/data/{Readme.md => README.md} | 6 ++---- .../contrib/digid/tests/test_auth_procedure.py | 10 +++++----- .../digid/tests/test_signicat_integration.py | 12 ++++++++++-- .../authentication/contrib/digid/tests/utils.py | 17 ----------------- .../tests/test_client_factory.py | 2 +- 5 files changed, 18 insertions(+), 29 deletions(-) rename src/openforms/authentication/contrib/digid/tests/data/{Readme.md => README.md} (69%) diff --git a/src/openforms/authentication/contrib/digid/tests/data/Readme.md b/src/openforms/authentication/contrib/digid/tests/data/README.md similarity index 69% rename from src/openforms/authentication/contrib/digid/tests/data/Readme.md rename to src/openforms/authentication/contrib/digid/tests/data/README.md index bd5b2bc054..2d88cfbe8b 100644 --- a/src/openforms/authentication/contrib/digid/tests/data/Readme.md +++ b/src/openforms/authentication/contrib/digid/tests/data/README.md @@ -10,8 +10,7 @@ openssl req -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out test.certificat The tests making use of these certificates are: -- `src/openforms/authentication/contrib/digid/tests/test_auth_procedure.py` -- `src/openforms/authentication/contrib/eherkenning/tests/test_auth.py` +- `src/openforms/authentication/contrib/digid/tests/test_migrations.py` These tests will potentially start failing once the test certificate expires. @@ -20,7 +19,6 @@ These tests will potentially start failing once the test certificate expires. The `our_certificate.pem` and `our_keys.pem` files are used by: - `src/openforms/authentication/contrib/digid/tests/test_signicat_integration.py` -- `src/openforms/authentication/contrib/eherkenning/tests/test_signicat_integration.py` -`signicate_metadata.xml` is used by +`signicat_metadata.xml` is used by `src/openforms/authentication/contrib/digid/tests/test_signicat_integration.py`. diff --git a/src/openforms/authentication/contrib/digid/tests/test_auth_procedure.py b/src/openforms/authentication/contrib/digid/tests/test_auth_procedure.py index 57a3bbcca7..7c5efb9712 100644 --- a/src/openforms/authentication/contrib/digid/tests/test_auth_procedure.py +++ b/src/openforms/authentication/contrib/digid/tests/test_auth_procedure.py @@ -23,10 +23,11 @@ from openforms.submissions.tests.factories import SubmissionFactory from openforms.submissions.tests.mixins import SubmissionsMixin from openforms.utils.tests.cache import clear_caches +from simple_certmanager_ext.tests.factories import CertificateFactory from ....constants import CO_SIGN_PARAMETER, FORM_AUTH_SESSION_KEY, AuthAttribute from ....contrib.tests.saml_utils import create_test_artifact, get_artifact_response -from .utils import TEST_FILES, make_certificate +from .utils import TEST_FILES def _create_test_artifact() -> str: @@ -48,13 +49,12 @@ class DigiDConfigMixin: def setUpTestData(cls): super().setUpTestData() - KEY = TEST_FILES / "test.key" - CERT = TEST_FILES / "test.certificate" - METADATA = TEST_FILES / "metadata.xml" + cert = CertificateFactory.create(label="DigiD", with_private_key=True) - cert = make_certificate(KEY, CERT) + METADATA = TEST_FILES / "metadata.xml" config = DigidConfiguration.get_solo() + assert isinstance(config, DigidConfiguration) config.certificate = cert config.base_url = "https://test-sp.nl" config.entity_id = "https://test-sp.nl" diff --git a/src/openforms/authentication/contrib/digid/tests/test_signicat_integration.py b/src/openforms/authentication/contrib/digid/tests/test_signicat_integration.py index 3654bfbc7f..7587c206bb 100644 --- a/src/openforms/authentication/contrib/digid/tests/test_signicat_integration.py +++ b/src/openforms/authentication/contrib/digid/tests/test_signicat_integration.py @@ -19,10 +19,11 @@ from openforms.submissions.tokens import submission_resume_token_generator from openforms.utils.tests.cache import clear_caches from openforms.utils.tests.vcr import OFVCRMixin +from simple_certmanager_ext.tests.factories import CertificateFactory from ....constants import FORM_AUTH_SESSION_KEY from ..constants import PLUGIN_ID -from .utils import TEST_FILES, make_certificate +from .utils import TEST_FILES KEY = TEST_FILES / "our_key.pem" CERT = TEST_FILES / "our_certificate.pem" @@ -68,9 +69,16 @@ class SignicatDigiDIntegrationTests(OFVCRMixin, TestCase): @classmethod def setUpTestData(cls): super().setUpTestData() - cert = make_certificate(KEY, CERT) + + cert = CertificateFactory.create( + label="DigiD", + with_private_key=True, + public_certificate__from_path=CERT, + private_key__from_path=KEY, + ) config = DigidConfiguration.get_solo() + assert isinstance(config, DigidConfiguration) config.certificate = cert # broker insists using https config.base_url = config.entity_id = "https://localhost:8000" diff --git a/src/openforms/authentication/contrib/digid/tests/utils.py b/src/openforms/authentication/contrib/digid/tests/utils.py index 73a67535da..5e46f20525 100644 --- a/src/openforms/authentication/contrib/digid/tests/utils.py +++ b/src/openforms/authentication/contrib/digid/tests/utils.py @@ -1,20 +1,3 @@ from pathlib import Path -from django.core.files import File - -from simple_certmanager.constants import CertificateTypes -from simple_certmanager.models import Certificate - TEST_FILES = Path(__file__).parent.resolve() / "data" - - -def make_certificate(key_pem: Path, certificate_pem: Path, label="DigiD"): - with key_pem.open("rb") as key_file, certificate_pem.open("rb") as cert_file: - cert = Certificate( - label=label, - type=CertificateTypes.key_pair, - private_key=File(key_file, key_pem.name), - public_certificate=File(cert_file, certificate_pem.name), - ) - cert.save() - return cert diff --git a/src/zgw_consumers_ext/tests/test_client_factory.py b/src/zgw_consumers_ext/tests/test_client_factory.py index 285f08a594..d075b1ceb6 100644 --- a/src/zgw_consumers_ext/tests/test_client_factory.py +++ b/src/zgw_consumers_ext/tests/test_client_factory.py @@ -9,7 +9,7 @@ from simple_certmanager_ext.tests.factories import CertificateFactory from ..api_client import ServiceClientFactory -from ..factories import ServiceFactory +from .factories import ServiceFactory @temp_private_root() From 130d7625be2d3ffbe63182908e29c9635c7a4f1c Mon Sep 17 00:00:00 2001 From: Sergei Maertens Date: Tue, 19 Sep 2023 18:16:57 +0200 Subject: [PATCH 3/4] :art: Clean up EHerkenning tests w/r to certificates Replaced make_cert utility with CertificateFactory and updated the README with where which file is used. --- .../contrib/digid/tests/data/README.md | 2 ++ .../contrib/eherkenning/tests/data/README.md | 26 +++++++++++++++++++ .../tests/test_eherkenning_auth.py | 17 +++--------- .../eherkenning/tests/test_eidas_auth.py | 17 +++--------- .../tests/test_signicat_integration.py | 12 +++++++-- .../contrib/eherkenning/tests/utils.py | 17 ------------ 6 files changed, 46 insertions(+), 45 deletions(-) create mode 100644 src/openforms/authentication/contrib/eherkenning/tests/data/README.md diff --git a/src/openforms/authentication/contrib/digid/tests/data/README.md b/src/openforms/authentication/contrib/digid/tests/data/README.md index 2d88cfbe8b..ae8f7f7f61 100644 --- a/src/openforms/authentication/contrib/digid/tests/data/README.md +++ b/src/openforms/authentication/contrib/digid/tests/data/README.md @@ -20,5 +20,7 @@ The `our_certificate.pem` and `our_keys.pem` files are used by: - `src/openforms/authentication/contrib/digid/tests/test_signicat_integration.py` +These must be uploaded with Signicat for live (non-VCR) network communication. + `signicat_metadata.xml` is used by `src/openforms/authentication/contrib/digid/tests/test_signicat_integration.py`. diff --git a/src/openforms/authentication/contrib/eherkenning/tests/data/README.md b/src/openforms/authentication/contrib/eherkenning/tests/data/README.md new file mode 100644 index 0000000000..9d48d83f87 --- /dev/null +++ b/src/openforms/authentication/contrib/eherkenning/tests/data/README.md @@ -0,0 +1,26 @@ +# Test files for EHerkenning + +## Certificate and key + +The test.certificate and the test.key were generated using the following command: + +```bash +openssl req -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out test.certificate -keyout test.key +``` + +The tests making use of these certificates are: + +- `src/openforms/authentication/contrib/eherkenning/tests/test_migrations.py` + +These tests will potentially start failing once the test certificate expires. + +## Signicat integration tests + +The `our_certificate.pem` and `our_keys.pem` files are used by: + +- `src/openforms/authentication/contrib/eherkenning/tests/test_signicat_integration.py` + +These must be uploaded with Signicat for live (non-VCR) network communication. + +`signicat_metadata.xml` is used by +`src/openforms/authentication/contrib/eherkenning/tests/test_signicat_integration.py`. diff --git a/src/openforms/authentication/contrib/eherkenning/tests/test_eherkenning_auth.py b/src/openforms/authentication/contrib/eherkenning/tests/test_eherkenning_auth.py index 922624f9ba..8541683fb4 100644 --- a/src/openforms/authentication/contrib/eherkenning/tests/test_eherkenning_auth.py +++ b/src/openforms/authentication/contrib/eherkenning/tests/test_eherkenning_auth.py @@ -16,14 +16,13 @@ from furl import furl from lxml import etree from privates.test import temp_private_root -from simple_certmanager.constants import CertificateTypes -from simple_certmanager.models import Certificate from openforms.forms.tests.factories import FormFactory from openforms.submissions.tests.factories import SubmissionFactory from openforms.submissions.tests.mixins import SubmissionsMixin from openforms.tests.utils import supress_output from openforms.utils.tests.cache import clear_caches +from simple_certmanager_ext.tests.factories import CertificateFactory from ....constants import CO_SIGN_PARAMETER, FORM_AUTH_SESSION_KEY, AuthAttribute from ....contrib.tests.saml_utils import ( @@ -43,20 +42,12 @@ class EHerkenningConfigMixin: def setUpTestData(cls): super().setUpTestData() - KEY = TEST_FILES / "test.key" - CERT = TEST_FILES / "test.certificate" - METADATA = TEST_FILES / "eherkenning-metadata.xml" + cert = CertificateFactory.create(label="eHerkenning", with_private_key=True) - with KEY.open("rb") as key_file, CERT.open("rb") as cert_file: - cert = Certificate( - label="eHerkenning", - type=CertificateTypes.key_pair, - private_key=File(key_file, KEY.name), - public_certificate=File(cert_file, CERT.name), - ) - cert.save() + METADATA = TEST_FILES / "eherkenning-metadata.xml" config = EherkenningConfiguration.get_solo() + assert isinstance(config, EherkenningConfiguration) config.certificate = cert config.base_url = "https://test-sp.nl" config.entity_id = "urn:etoegang:DV:00000001111111111000:entities:9000" diff --git a/src/openforms/authentication/contrib/eherkenning/tests/test_eidas_auth.py b/src/openforms/authentication/contrib/eherkenning/tests/test_eidas_auth.py index 663cc7dd1a..f6c47ee123 100644 --- a/src/openforms/authentication/contrib/eherkenning/tests/test_eidas_auth.py +++ b/src/openforms/authentication/contrib/eherkenning/tests/test_eidas_auth.py @@ -15,14 +15,13 @@ from furl import furl from lxml import etree from privates.test import temp_private_root -from simple_certmanager.constants import CertificateTypes -from simple_certmanager.models import Certificate from openforms.forms.tests.factories import FormFactory from openforms.submissions.tests.factories import SubmissionFactory from openforms.submissions.tests.mixins import SubmissionsMixin from openforms.tests.utils import supress_output from openforms.utils.tests.cache import clear_caches +from simple_certmanager_ext.tests.factories import CertificateFactory from ....constants import CO_SIGN_PARAMETER, FORM_AUTH_SESSION_KEY, AuthAttribute from ....contrib.tests.saml_utils import ( @@ -42,20 +41,12 @@ class EIDASConfigMixin: def setUpTestData(cls): super().setUpTestData() - KEY = TEST_FILES / "test.key" - CERT = TEST_FILES / "test.certificate" - METADATA = TEST_FILES / "eherkenning-metadata.xml" + cert = CertificateFactory.create(label="eHerkenning", with_private_key=True) - with KEY.open("rb") as key_file, CERT.open("rb") as cert_file: - cert = Certificate( - label="eHerkenning", - type=CertificateTypes.key_pair, - private_key=File(key_file, KEY.name), - public_certificate=File(cert_file, CERT.name), - ) - cert.save() + METADATA = TEST_FILES / "eherkenning-metadata.xml" config = EherkenningConfiguration.get_solo() + assert isinstance(config, EherkenningConfiguration) config.certificate = cert config.base_url = "https://test-sp.nl" config.entity_id = "urn:etoegang:DV:00000001111111111000:entities:9000" diff --git a/src/openforms/authentication/contrib/eherkenning/tests/test_signicat_integration.py b/src/openforms/authentication/contrib/eherkenning/tests/test_signicat_integration.py index 7c26393acf..507cd11912 100644 --- a/src/openforms/authentication/contrib/eherkenning/tests/test_signicat_integration.py +++ b/src/openforms/authentication/contrib/eherkenning/tests/test_signicat_integration.py @@ -19,9 +19,10 @@ from openforms.submissions.tokens import submission_resume_token_generator from openforms.utils.tests.cache import clear_caches from openforms.utils.tests.vcr import OFVCRMixin +from simple_certmanager_ext.tests.factories import CertificateFactory from ....constants import FORM_AUTH_SESSION_KEY -from .utils import TEST_FILES, make_certificate +from .utils import TEST_FILES PLUGIN_ID = "eherkenning" KEY = TEST_FILES / "our_key.pem" @@ -69,9 +70,16 @@ class SignicatEHerkenningIntegrationTests(OFVCRMixin, TestCase): @classmethod def setUpTestData(cls): super().setUpTestData() - cert = make_certificate(KEY, CERT) + + cert = CertificateFactory.create( + label="EHerkenning", + with_private_key=True, + public_certificate__from_path=CERT, + private_key__from_path=KEY, + ) config = EherkenningConfiguration.get_solo() + assert isinstance(config, EherkenningConfiguration) config.certificate = cert config.idp_service_entity_id = SIGNICAT_BROKER_BASE / "sp/saml" # broker insists using https diff --git a/src/openforms/authentication/contrib/eherkenning/tests/utils.py b/src/openforms/authentication/contrib/eherkenning/tests/utils.py index b913b5bfd9..5e46f20525 100644 --- a/src/openforms/authentication/contrib/eherkenning/tests/utils.py +++ b/src/openforms/authentication/contrib/eherkenning/tests/utils.py @@ -1,20 +1,3 @@ from pathlib import Path -from django.core.files import File - -from simple_certmanager.constants import CertificateTypes -from simple_certmanager.models import Certificate - TEST_FILES = Path(__file__).parent.resolve() / "data" - - -def make_certificate(key_pem: Path, certificate_pem: Path, label="EHerkenning"): - with key_pem.open("rb") as key_file, certificate_pem.open("rb") as cert_file: - cert = Certificate( - label=label, - type=CertificateTypes.key_pair, - private_key=File(key_file, key_pem.name), - public_certificate=File(cert_file, certificate_pem.name), - ) - cert.save() - return cert From 8d3fe2a9ac3bc156c65bb2e50d46874201755225 Mon Sep 17 00:00:00 2001 From: Sergei Maertens Date: Wed, 20 Sep 2023 15:02:02 +0200 Subject: [PATCH 4/4] :green_heart: Missed a spot --- src/openforms/variables/tests/test_e2e.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/openforms/variables/tests/test_e2e.py b/src/openforms/variables/tests/test_e2e.py index e18e6b214c..46557468fd 100644 --- a/src/openforms/variables/tests/test_e2e.py +++ b/src/openforms/variables/tests/test_e2e.py @@ -13,7 +13,7 @@ ) from openforms.tests.e2e.base import E2ETestCase, browser_page, create_superuser from openforms.variables.tests.factories import ServiceFetchConfigurationFactory -from zgw_consumers_ext.factories import ServiceFactory +from zgw_consumers_ext.tests.factories import ServiceFactory class ServiceFetchConfigTests(E2ETestCase):